package gcu.module.rbac.controller;

import gcu.module.notice.daomain.Notice;
import gcu.module.notice.service.NoticeService;
import gcu.module.rbac.daomain.Role;
import gcu.module.rbac.daomain.User;
import gcu.module.rbac.service.RoleService;
import gcu.module.rbac.service.UserService;
import gcu.util.Pager;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import java.util.ArrayList;
import java.util.List;

/**
 * Created by haol on 2016/9/18
 * 登录和对用户的设置
 */
@Controller
@RequestMapping("/user")
public class UserController {

      private Logger logger = LoggerFactory.getLogger(UserController.class);
      @Autowired
      private UserService userService;
      @Autowired
      private RoleService roleService;
      @Autowired
      private NoticeService noticeService;

      @RequestMapping("/index")
      public String index() {
            return "/rbac/login";
      }

      @RequestMapping("/wel")
      public String welcome(Model model) {
            Notice notice = noticeService.getNotice();
            model.addAttribute("notice", notice);
            return "rbac/user/wel";
      }

      @RequestMapping("/noAuthority")
      public String noIn() {
            return "/rbac/not";
      }

      @RequestMapping(value = "/login", method = RequestMethod.POST)
      public String login(String username, String password, Model model) {
            UsernamePasswordToken token = new UsernamePasswordToken(username, password);
            Subject subject = SecurityUtils.getSubject();
            try {
                  subject.login(token);
                  return "redirect:/user/wel";
            } catch (AuthenticationException e) {
                  logger.error(e.getMessage());
                  model.addAttribute("error", e.getMessage());
                  model.addAttribute("username", username);
            } catch (Exception e) {
                  logger.error(e.getMessage());
                  e.printStackTrace();
                  model.addAttribute("error", e.getMessage());
                  model.addAttribute("username", username);
            }
            return "/rbac/login";
      }

      @RequestMapping("/logout")
      public String logout() {
            Subject subject = SecurityUtils.getSubject();
            subject.logout(); // session 会销毁，在SessionListener监听session销毁，清理权限缓存
            return "/rbac/login";
      }

      @RequestMapping("/list")
      public String userList(User user, Pager pager, Model model) {
            List<User> users = userService.queryUserList(user, pager);
            model.addAttribute("userList", users);
            model.addAttribute("user", user);
            model.addAttribute("pager", pager);
            return "/rbac/user/list";
      }

      @RequestMapping("/edit/{id}")
      public String edit(@PathVariable Integer id, Model model) {
            List<Role> roles = roleService.getRoleList();
            List<Role> my_roles = roleService.queryRoleByUser(id);
            User user = userService.queryUserById(id);
            List<Integer> rids = new ArrayList<Integer>();
            for (Role role : my_roles) {
                  rids.add(role.getId());
            }
            model.addAttribute("my_roles", rids);
            model.addAttribute("user", user);
            model.addAttribute("roleList", roles);
            return "/rbac/user/edit";
      }

      @RequestMapping("/add")
      public String add(Model model) {
            List<Role> roles = roleService.getRoleList();
            model.addAttribute("my_roles", "5");
            model.addAttribute("user", new User());
            model.addAttribute("roleList", roles);
            return "/rbac/user/edit";
      }

      @RequestMapping("/del/{id}")
      public String del(@PathVariable int id, Model model) {
            userService.delete(id);
            roleService.deleteUserRoleByUser(id);
            return "redirect:/user/list";
      }

      @RequestMapping(value = "/uppwd", method = RequestMethod.GET)
      public String pwd(Model model) {
            List<User> users = userService.queryUserList();
            model.addAttribute("userList", users);
            return "/rbac/user/pwd";
      }
}
